Browse Source

link hoststated to the builds.

ok miod@, henning@
OPENBSD_4_1
pyr 18 years ago
parent
commit
c2221b0cd4
10 changed files with 96 additions and 7 deletions
  1. +3
    -2
      src/etc/Makefile
  2. +2
    -1
      src/etc/changelist
  3. +2
    -1
      src/etc/ftpusers
  4. +1
    -0
      src/etc/group
  5. +39
    -0
      src/etc/hoststated.conf
  6. +2
    -1
      src/etc/mail/aliases
  7. +1
    -0
      src/etc/master.passwd
  8. +5
    -1
      src/etc/rc
  9. +2
    -1
      src/etc/rc.conf
  10. +39
    -0
      src/etc/relayd.conf

+ 3
- 2
src/etc/Makefile View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.245 2006/12/14 18:49:44 kettenis Exp $
# $OpenBSD: Makefile,v 1.246 2007/01/31 08:32:16 pyr Exp $
TZDIR= /usr/share/zoneinfo TZDIR= /usr/share/zoneinfo
LOCALTIME= Canada/Mountain LOCALTIME= Canada/Mountain
@ -81,6 +81,7 @@ distribution-etc-root-var: distrib-dirs
${INSTALL} -c -o root -g wheel -m 600 pf.conf ${DESTDIR}/etc ${INSTALL} -c -o root -g wheel -m 600 pf.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 chio.conf ${DESTDIR}/etc ${INSTALL} -c -o root -g wheel -m 600 chio.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 hostapd.conf ${DESTDIR}/etc ${INSTALL} -c -o root -g wheel -m 600 hostapd.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 hoststated.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 ipsec.conf ${DESTDIR}/etc ${INSTALL} -c -o root -g wheel -m 600 ipsec.conf ${DESTDIR}/etc
${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 \ ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 \
etc.${MACHINE}/MAKEDEV ${DESTDIR}/dev etc.${MACHINE}/MAKEDEV ${DESTDIR}/dev
@ -339,7 +340,7 @@ distrib:
DHSIZE=1024 1536 2048 3072 4096 DHSIZE=1024 1536 2048 3072 4096
update-moduli: update-moduli:
( \ ( \
echo '# $$OpenBSD: Makefile,v 1.245 2006/12/14 18:49:44 kettenis Exp $$'; \
echo '# $$OpenBSD: Makefile,v 1.246 2007/01/31 08:32:16 pyr Exp $$'; \
echo '# Time Type Tests Tries Size Generator Modulus'; \ echo '# Time Type Tests Tries Size Generator Modulus'; \
( for i in ${DHSIZE}; do \ ( for i in ${DHSIZE}; do \
ssh-keygen -b $$i -G /dev/stdout; \ ssh-keygen -b $$i -G /dev/stdout; \


+ 2
- 1
src/etc/changelist View File

@ -1,4 +1,4 @@
# $OpenBSD: changelist,v 1.49 2006/12/27 23:32:49 msf Exp $
# $OpenBSD: changelist,v 1.50 2007/01/31 08:32:16 pyr Exp $
# #
# List of files which the security script backs up and checks # List of files which the security script backs up and checks
# for modifications. # for modifications.
@ -39,6 +39,7 @@
/etc/gettytab /etc/gettytab
/etc/group /etc/group
/etc/hostapd.conf /etc/hostapd.conf
/etc/hoststated.conf
/etc/hosts /etc/hosts
/etc/hosts.allow /etc/hosts.allow
/etc/hosts.deny /etc/hosts.deny


+ 2
- 1
src/etc/ftpusers View File

@ -1,4 +1,4 @@
# $OpenBSD: ftpusers,v 1.29 2006/10/29 18:58:57 norby Exp $
# $OpenBSD: ftpusers,v 1.30 2007/01/31 08:32:16 pyr Exp $
# #
# list of users disallowed any ftp access. # list of users disallowed any ftp access.
# read by ftpd(8). # read by ftpd(8).
@ -40,3 +40,4 @@ _ospfd
_hostapd _hostapd
_dvmrpd _dvmrpd
_ripd _ripd
_hoststated

+ 1
- 0
src/etc/group View File

@ -53,6 +53,7 @@ _ospfd:*:85:
_hostapd:*:86: _hostapd:*:86:
_dvmrpd:*:87: _dvmrpd:*:87:
_ripd:*:88: _ripd:*:88:
_hoststated:*:89:
dialer:*:117: dialer:*:117:
nogroup:*:32766: nogroup:*:32766:
nobody:*:32767: nobody:*:32767:

+ 39
- 0
src/etc/hoststated.conf View File

@ -0,0 +1,39 @@
# $OpenBSD: hoststated.conf,v 1.1 2007/01/31 08:32:16 pyr Exp $
#
# Macros
#
webhost1="10.0.0.1"
webhost2="10.0.0.2"
#
# Global Options
#
# interval 10
# timeout 200
#
# Each table will be mapped to a pf table.
#
table webhosts {
check http "/" code 200
host webhost1
host webhost2
}
table fallback {
check icmp
host 127.0.0.1
}
#
# Services will be mapped to a rdr rule.
#
service www {
virtual ip www.example.com port http interface trunk0
# tag every packet that goes thru the rdr rule with HOSTSTATED
tag HOSTSTATED
table webhosts
backup table fallback
}

+ 2
- 1
src/etc/mail/aliases View File

@ -1,5 +1,5 @@
# #
# $OpenBSD: aliases,v 1.20 2006/10/29 18:58:57 norby Exp $
# $OpenBSD: aliases,v 1.21 2007/01/31 08:32:16 pyr Exp $
# #
# Aliases in this file will NOT be expanded in the header from # Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /usr/libexec/mail.local. # Mail, but WILL be visible over networks or from /usr/libexec/mail.local.
@ -28,6 +28,7 @@ _dvmrpd: /dev/null
_fingerd: /dev/null _fingerd: /dev/null
_ftp: /dev/null _ftp: /dev/null
_hostapd: /dev/null _hostapd: /dev/null
_hoststated: /dev/null
_identd: /dev/null _identd: /dev/null
_isakmpd: /dev/null _isakmpd: /dev/null
_kadmin: /dev/null _kadmin: /dev/null


+ 1
- 0
src/etc/master.passwd View File

@ -35,4 +35,5 @@ _ospfd:*:85:85::0:0:OSPF Daemon:/var/empty:/sbin/nologin
_hostapd:*:86:86::0:0:HostAP Daemon:/var/empty:/sbin/nologin _hostapd:*:86:86::0:0:HostAP Daemon:/var/empty:/sbin/nologin
_dvmrpd:*:87:87::0:0:DVMRP Daemon:/var/empty:/sbin/nologin _dvmrpd:*:87:87::0:0:DVMRP Daemon:/var/empty:/sbin/nologin
_ripd:*:88:88::0:0:RIP Daemon:/var/empty:/sbin/nologin _ripd:*:88:88::0:0:RIP Daemon:/var/empty:/sbin/nologin
_hoststated:*:89:89::0:0:HostState Daemon:/var/empty:/sbin/nologin
nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin

+ 5
- 1
src/etc/rc View File

@ -1,4 +1,4 @@
# $OpenBSD: rc,v 1.296 2007/01/06 12:00:06 matthieu Exp $
# $OpenBSD: rc,v 1.297 2007/01/31 08:32:16 pyr Exp $
# System startup script run by init on autoboot # System startup script run by init on autoboot
# or after single-user. # or after single-user.
@ -583,6 +583,10 @@ if [ X"${ifstated_flags}" != X"NO" ]; then
echo -n ' ifstated'; ifstated $ifstated_flags echo -n ' ifstated'; ifstated $ifstated_flags
fi fi
if [ X"${hoststated_flags}" != X"NO" ]; then
echo -n ' hoststated'; /usr/sbin/hoststated $hoststated_flags
fi
if [ X"${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then if [ X"${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then
touch /var/db/dhcpd.leases touch /var/db/dhcpd.leases
if [ -f /etc/dhcpd.interfaces ]; then if [ -f /etc/dhcpd.interfaces ]; then


+ 2
- 1
src/etc/rc.conf View File

@ -1,6 +1,6 @@
#!/bin/sh - #!/bin/sh -
# #
# $OpenBSD: rc.conf,v 1.119 2007/01/06 12:00:06 matthieu Exp $
# $OpenBSD: rc.conf,v 1.120 2007/01/31 08:32:16 pyr Exp $
# set these to "NO" to turn them off. otherwise, they're used as flags # set these to "NO" to turn them off. otherwise, they're used as flags
routed_flags=NO # for normal use: "-q" routed_flags=NO # for normal use: "-q"
@ -38,6 +38,7 @@ watchdogd_flags=NO # for normal use: ""
ftpproxy_flags=NO # for normal use: "" ftpproxy_flags=NO # for normal use: ""
hostapd_flags=NO # for normal use: "" hostapd_flags=NO # for normal use: ""
ifstated_flags=NO # for normal use: "" ifstated_flags=NO # for normal use: ""
hoststated_flags=NO # for normal use: ""
# use -u to disable chroot, see httpd(8) # use -u to disable chroot, see httpd(8)
httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8)) httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8))


+ 39
- 0
src/etc/relayd.conf View File

@ -0,0 +1,39 @@
# $OpenBSD: relayd.conf,v 1.1 2007/01/31 08:32:16 pyr Exp $
#
# Macros
#
webhost1="10.0.0.1"
webhost2="10.0.0.2"
#
# Global Options
#
# interval 10
# timeout 200
#
# Each table will be mapped to a pf table.
#
table webhosts {
check http "/" code 200
host webhost1
host webhost2
}
table fallback {
check icmp
host 127.0.0.1
}
#
# Services will be mapped to a rdr rule.
#
service www {
virtual ip www.example.com port http interface trunk0
# tag every packet that goes thru the rdr rule with HOSTSTATED
tag HOSTSTATED
table webhosts
backup table fallback
}

Loading…
Cancel
Save